cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6551
Views
1
Helpful
18
Replies

Password Recovery on dual Sup 4510R

William Reed
Level 1
Level 1

Hello I need to recover the enable password on a 4510R with dual supervisors V, what is the proper precedure for doing this?

18 Replies 18

Reza Sharifi
Hall of Fame
Hall of Fame

Hi William,

Please follow the password recovery procedure in this link to recover your password:

http://www.cisco.com/en/US/products/hw/switches/ps663/products_password_recovery09186a00800945f7.shtml

Good Luck

Reza

That link has worked on 5 4506s with non redundant sups, but it is not working on the 4510R with the redundant sups. It has something to do with the redundant sup. What do I need to do? Pull the 2nd sup out?

You can pull it out and try recovering the password.  Make sure you do this during an outage window in case some thing goes wrong.

LOL i was doing this during an outage but I need to be 100% even during the outage

that I know exactly what do to.

This is the main switch of a hospital.

wow, a main hospital with one switch and no redundancy?

It there any way to shift the traffic to a redundant device and then do the recovery on this switch?

No, there is no other switch to shift traffic to. I inherited this network last week so lets not talk about how it should be setup. We all know things can always be setup better and different. They have one main 4510R with dual Sups and several 4506s thorough out the campus.

I need to recover the password on the 4510R now only.

To the top, still need to get a definitive answer.

William Reed
Level 1
Level 1

Can anyone help me, I still need to complete this?

I was searching for an answer to this issue myself today and found your post - I too am taking over a production switch with a "lost" password.  You are right about the documented process only working for single Supervisor switches.  I followed the same document and found that after rebooting the dual Supervisor switch, the secondary Supervisor would always overwrite the config with the recovered password - taking me back to square one.

After various attempts, the following methodology finally worked:

  1. Remove Supervisor A
  2. Run the Password Recovery procedure on Supervisor B
  3. After you get into the switch, copy the running config to a txt file as a backup
  4. Erase the startup config then reboot the switch
    1. Your switch should reboot with a basic factory config - no customization
  5. Power off your switch
  6. Remove Supervisor B and re-insert Supervisor A
  7. Run the Password Recovery procedure on Supervisor A
  8. Erase the startup config then reboot the switch
    1. Your switch should reboot with a basic factory config - no customization
  9. Power off your switch
  10. Re-insert Supervisor B - both Supervisors should be inserted at this point
  11. Power up your switch - there should only be a basic config on the switch
  12. You should be able to console login to the switch with no passwords at this point
  13. Restore the config from txt file via console cable - except for the enable password
  14. Set your enable password to whatever you wish

This worked for me today on a 4507R with dual Supervisors, I trust it will also work for you.

I was thinking about just pulling Sup B and do the recovery on Sup A. Then after Sup A is back u

p insert Sup B. Shouldnt Sup A then replicate the config to Sup B?

Just thinking out loud, doing the actual recovery this coming Sunday.

I did not try a hot swap as you seem to be suggesting.  I did however recover the password on Supervisor A with Supervisor B removed only to have Supervisor A overwritten by Supervisor B upon reboot because the Switch alternates Supervisor cards on each reboot.  This was problematic and hence is why I opted to clear configs on both Supervisors as outlined in the methodology earlier.

I was working at a customer site and did not want to attempt any hot swapping of Supervisor cards to mitigate risk.  The option is yours but what I have outlined worked well for my situation.

Good Luck

What did you use to backup and restore config. I have never done that over the console.

The password recovery procedure must be conducted using a console cable - this is the only way.  If you try to do this via Telnet, you will lose your connection on reboots.  Console cable allows you to see the switch go through the reboot process - its like a DRAC on a server.  I use Secure CRT to establish a serial connection to the Switch (aka console connection).  Secure CRT allows me to save the entire contents of my session to a txt file.  While working, I simply issue the 'show run' command which will save the config to my logged session.

To restore the config over console (serial):

  1. I copy the config from my saved session to PC clipboard
  2. Goto Secure CRT and issue the 'config terminal' command on the Cisco switch
  3. Issue the 'Paste to Host' or press 'Shift-Insert' command
  4. Once all items are inserted, make sure you write your config.

I suggest you test this procedure and using console connection on a  non-production switch if you are not experienced using the console to  insert a config.

Use the following to erase a config:

  1. go to enable mode
  2. erase startup-config
  3. reload - do not save or write
  4. when the device reloads, it will have a factory config

Thanks for the fast reply.

I just attempted this on my home 1760 Callmanager express config. I have SOME of the config restored but the copy and paste dies when reinserting dial peers to the config. How do I ensure something like this does not happen on the 4510R? Also how do I get around getting my whole config back to the 1760?

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco